The Australian Taxation Office (ATO) has issued a call for cyber security assistance as it undergoes a program of “significant” IT transformation.
The federal government body has launched a request for tender (RFT), seeking partners to provide cyber augmentation services (CAS) -- a range of skilled cyber professionals who will work with the ATO’s in-house team.
According to the RFT, the ATO is eyeing “a range of specific cyber skillsets to complement and strengthen” its in-house Security Branch (ICS).
The chosen partner will be required to offer skills in regulatory compliance as well as the day-to-day security operations – to monitor, detect, analyse and respond to internal and external security threats.
The ATO, which is undergoing a major transformation of its IT environment and procurement activities, now offers IT contracts through “flexible bundles”.
Any partner to obtain a contract through this bundle may also be “engaged” to support implementation of strategic cyber programs and other project functions.
“The CAS service provider is to provide qualified, experienced and pre-cleared CAS service provider personnel as required and on-demand to augment the Cyber Governance and Operations (CGO) and Cyber Strategy and Programs (CSP) teams, delivering capacity as well as associated industry best practice, capabilities and frameworks,” the RFT read.
Specifically, a partner would be tasked with providing a two-year ‘Transition In Support (TIS)’ team that supports the CGO and CSP with responsibilities related to the onboarding of service providers.
They would also provide part-time quality assurance CAS service provider personnel to report on and warrant the quality of work, the RFT added.
Partners have until 11 May to respond to the tender.
As part of its overall transformation, the ATO is looking to modernise its environments and procurement across six areas: end-user technology, centralised computing and enterprise service management centre, alongside unified communications, monitoring and technical helpdesk.
Last year it launched a request for information (RFI) to help upgrade a “significant” part of its IT infrastructure and builds on the recent outsourcing of its managed network services.
It is intended that the new outsourcing operating model will "ensure a seamless integration of insourcing and outsource” function.